- Issued:
- 2019-12-10
- Updated:
- 2019-12-10
RHSA-2019:4154 - Security Advisory
Synopsis
Important: kernel-alt security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)
- kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service (CVE-2017-18203)
- kernel: use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)
- kernel: Information leak in cdrom_ioctl_drive_status (CVE-2018-16658)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- IPMI use after free issue seen on Marvell ThunderX2 (BZ#1732163)
- kernel: siginfo delivers SEGV_MAPERR instead of SEGV_ACCERR [rhel-alt-7.6.z] (BZ#1757189)
Enhancement(s):
- [Marvell 7.7 z-stream BUG] CN99xx: DIMM label not extracted in EDAC hw error log (BZ#1721427)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1550811 - CVE-2017-18203 kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service
- BZ - 1619846 - CVE-2018-14625 kernel: use-after-free Read in vhost_transport_send_pkt
- BZ - 1627731 - CVE-2018-16658 kernel: Information leak in cdrom_ioctl_drive_status
- BZ - 1746708 - CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for ARM 64 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.16.1.el7a.src.rpm | SHA-256: 85ad3433b5ff82f8e1fa12ebbdd8f97de677d3481de2e219a44ff7899f6eb51d |
| aarch64 | |
| kernel-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 51d15f88263a7df88c4b157f646e9ef541d42372fbf570bafbc572e42e2c2dee |
| kernel-abi-whitelists-4.14.0-115.16.1.el7a.noarch.rpm | SHA-256: 60394366f9d0bc039d697fa95ef8207435246ad4822135495cbefa00b29f2d3a |
| kernel-debug-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: c5c283264247a35c187cb45372f8b6c3852ca2e848b154284d62f6c9948117de |
| kernel-debug-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 1accd4b2e2b6f646dc1b1c0873d9c2b39dac78870e40f6bc95d85fabd115a05c |
| kernel-debug-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 1accd4b2e2b6f646dc1b1c0873d9c2b39dac78870e40f6bc95d85fabd115a05c |
| kernel-debug-devel-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 3d2a59ede924fc14641c8fa019a41f4c4ddb5faf59b0000cac6ed67fe23b27c8 |
| kernel-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: d73040881903944b553e81331f1a6baf734fa0b54aa8dd611b935b61d97997e3 |
| kernel-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: d73040881903944b553e81331f1a6baf734fa0b54aa8dd611b935b61d97997e3 |
| kernel-debuginfo-common-aarch64-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: ba0178adecbb8852513b15cbc568faffe61e855e0f72aa9d305f3c34a3948fb4 |
| kernel-debuginfo-common-aarch64-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: ba0178adecbb8852513b15cbc568faffe61e855e0f72aa9d305f3c34a3948fb4 |
| kernel-devel-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: b0f0f43f9e73f17632b23224e0a8e3a019b6d61f141402a6a4c0e28d1d56fbe4 |
| kernel-doc-4.14.0-115.16.1.el7a.noarch.rpm | SHA-256: bdbfd267bc2a77485fbb93074723cc2a8b3d4290ce86682219b96f03f23a9308 |
| kernel-doc-4.14.0-115.16.1.el7a.noarch.rpm | SHA-256: bdbfd267bc2a77485fbb93074723cc2a8b3d4290ce86682219b96f03f23a9308 |
| kernel-headers-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 542a560bf4b5b47b72508aeb578ae0ed64092795677c6c22ebbb63bd93c94911 |
| kernel-tools-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 84175bd9eb2677e9070edcd3db0a72b694a0d5d34d2f0db92b67635978afe4bb |
| kernel-tools-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 0179a8aef78ac00b505086f6b44541ea69caa3cb40a29429d78aba69e778f93c |
| kernel-tools-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 0179a8aef78ac00b505086f6b44541ea69caa3cb40a29429d78aba69e778f93c |
| kernel-tools-libs-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 0c159e9199f66425e6c189be22d1f29e018a72cc487dcbf26fd03e6a3b125803 |
| kernel-tools-libs-devel-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 2a3edba1dc025e3eec8e0a4ef97db2175de7021fcf4842e169ef3034dc3d838e |
| perf-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 30990db938750e0b6758d3cc5aa9ce2879adafe317fe9b88a725f28f9d7e3e72 |
| perf-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: faa4075ee35b936f85fcb8d58d64ff81f59777ea3de4416b03d1160499a9ed31 |
| perf-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: faa4075ee35b936f85fcb8d58d64ff81f59777ea3de4416b03d1160499a9ed31 |
| python-perf-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: be7136acbb68a07710da877bd4dff5ea713a0a872b210d472160552a7295900d |
| python-perf-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 645f91cafb6be401aa0da3da887fe962d485457e02e7001f76ba64eb156aa6aa |
| python-perf-debuginfo-4.14.0-115.16.1.el7a.aarch64.rpm | SHA-256: 645f91cafb6be401aa0da3da887fe962d485457e02e7001f76ba64eb156aa6aa |
Red Hat Enterprise Linux for Power 9 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.16.1.el7a.src.rpm | SHA-256: 85ad3433b5ff82f8e1fa12ebbdd8f97de677d3481de2e219a44ff7899f6eb51d |
| ppc64le | |
| kernel-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: f67fcf2279b8a9912c89c996e3ce49a29c4083679ca80fbefd01d687aecabbd2 |
| kernel-abi-whitelists-4.14.0-115.16.1.el7a.noarch.rpm | SHA-256: 60394366f9d0bc039d697fa95ef8207435246ad4822135495cbefa00b29f2d3a |
| kernel-bootwrapper-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: a2d675df629afbbbf5987873cdb9571c94ed2548f3b7f9c0bfd52cca4ae12d1e |
| kernel-debug-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: a2baee59863b5582e7762c6c48cc9ea6173d4f3144660025e6451f53c8bcb449 |
| kernel-debug-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 6b87f9fc10a244d29517cfeee60713ed77cf934342c2b5094970066089c5874a |
| kernel-debug-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 6b87f9fc10a244d29517cfeee60713ed77cf934342c2b5094970066089c5874a |
| kernel-debug-devel-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: e46c4a842da3b24acd9048f98c5f6b6153a20b1a305d3279f49b38983290f3f2 |
| kernel-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 85f3907d2c18e2b3645a8ab1fa904547fd8bd309a5324988c5d8b710647cc658 |
| kernel-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 85f3907d2c18e2b3645a8ab1fa904547fd8bd309a5324988c5d8b710647cc658 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 9a4b2b82481fd31e63a4503a78a453e99721ff584555ca36fea1e84bf1abda30 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 9a4b2b82481fd31e63a4503a78a453e99721ff584555ca36fea1e84bf1abda30 |
| kernel-devel-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 13195f7fd39dbca90908600a0a64ffe53a643ca029cc27c0753d2cf6979dafd2 |
| kernel-doc-4.14.0-115.16.1.el7a.noarch.rpm | SHA-256: bdbfd267bc2a77485fbb93074723cc2a8b3d4290ce86682219b96f03f23a9308 |
| kernel-headers-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: a67eac26309999f6326f1f1a32589e20d94227d2f38cd1d915b8e74ecdb4c374 |
| kernel-tools-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: af10a249e04e68ad86c7e2c660628c7f30f82b1edcb6614c3d5d2aad72ffe445 |
| kernel-tools-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 26659d8868bcc40604a10de2b866df555f5b17a74eff10bcad9f3f8a3cf3edc0 |
| kernel-tools-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 26659d8868bcc40604a10de2b866df555f5b17a74eff10bcad9f3f8a3cf3edc0 |
| kernel-tools-libs-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 6fc91e0271fa8a90b4427345ee380b111b623975db02a33a12ed6e273f85e032 |
| kernel-tools-libs-devel-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: b96f60b4f9d6ac1a1316bf4621254ea2753b85e20599d73d001b279860adc32f |
| perf-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 790ac86797e3c588702eb473d93f43e0613f54946e6e47e3604afad7a10c5615 |
| perf-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 294243900dfe6465d77ec2c9bc09b662b2a0bf98cd8699705a33f411e7732299 |
| perf-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 294243900dfe6465d77ec2c9bc09b662b2a0bf98cd8699705a33f411e7732299 |
| python-perf-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: ea32ec00061933dcb68e46841585018edcbe9dcbed7df9f5aeed43346bb3ef03 |
| python-perf-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 200a959746331b56c6afa3f045c60267f18f3f8166b377cecde560e3e00a7b9a |
| python-perf-debuginfo-4.14.0-115.16.1.el7a.ppc64le.rpm | SHA-256: 200a959746331b56c6afa3f045c60267f18f3f8166b377cecde560e3e00a7b9a |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.16.1.el7a.src.rpm | SHA-256: 85ad3433b5ff82f8e1fa12ebbdd8f97de677d3481de2e219a44ff7899f6eb51d |
| s390x | |
| kernel-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 6297deb71ea0323e5f5add0eb5a72d208a5865a1d3d6d5fd49eed243a487a564 |
| kernel-abi-whitelists-4.14.0-115.16.1.el7a.noarch.rpm | SHA-256: 60394366f9d0bc039d697fa95ef8207435246ad4822135495cbefa00b29f2d3a |
| kernel-debug-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 713105e19541d2bf548cb05bd502af23ce38a37c4aef16664b8c360f42ce53d1 |
| kernel-debug-debuginfo-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 495a311fc71a0e85e6abe726ac67bbbcb89b20ea88ba4bcb0d0b958b4f129280 |
| kernel-debug-devel-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 76104dcf0863d7de83bd41a52df58e8bbe4195fd34a092e8791001705aa36a13 |
| kernel-debuginfo-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 9c083eccbe68df9a0b4831da33d8c390f6c7e13c207420fb41b884d655ab4305 |
| kernel-debuginfo-common-s390x-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 74c7a93d710abccdfa428b2dd98c0e01415ce2d8c245557927f092016ba3bc15 |
| kernel-devel-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 5ec73a1b90bffbdfeb62960a0a03ddcada3bf0d3c8a1d2132ea6883b9379e716 |
| kernel-doc-4.14.0-115.16.1.el7a.noarch.rpm | SHA-256: bdbfd267bc2a77485fbb93074723cc2a8b3d4290ce86682219b96f03f23a9308 |
| kernel-headers-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: def8b899f30e10494672c5e37c759cf1653deff92b61389549596de7e6e5c758 |
| kernel-kdump-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: a2e891d1c559b9abc34b4d40d1a4ebda3ec71d4833dd96ccda8928ba37a8129c |
| kernel-kdump-debuginfo-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: c6a3c660f6ef29cc21662fbd67ba794e8943036c73271c8442b9b38099f09148 |
| kernel-kdump-devel-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 1231914163c4b22d4fb5cca37f7f1e8689e158fe3be742e893b75f6844307c67 |
| perf-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 1883e23e62e9a086dc9a41658a80a6fda44322ef7c6704b0d7f796cd22943b93 |
| perf-debuginfo-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 1cfde80d8be583b7a778c731842e2f2c50af51855e9df9be8d288d0a98bca086 |
| python-perf-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: 81976e7ed8c48803cb227829b66b0ad3032b6ddc65e735a23364e46a8802dfbc |
| python-perf-debuginfo-4.14.0-115.16.1.el7a.s390x.rpm | SHA-256: f5eeadee137eda92e40b62a19c297eafe88824dbadb8808f1b7f1a39308b31b8 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.